AMENDMENTS TO THE SPECIFICATION 



Please replace paragraph 20 on pages 7-8 with the following: 

[0020] In one embodiment, the intelligent switch 24 may be provided as part of a 
managed service/CPE (customer premise equipment) bundle to any number of 
networks desiring to outsource these types of network functions. These subscriber 
networks would then have content analysis functions, such as content filtering, anti-virus 
protection and intrusion detection, managed by a third party managed service entity. As 
shown in FIG. 4, an example of a managed service provider network 48 is shown. In 
this embodiment, [[a]] the managed service provider network [[38]] 48 contains one or 
more policy management servers 50. The content analysis applications contained in 
the one or more separate content analysis management servers 50 at the managed 
service provider network 48 may include one or more versions of content filtering, anti- 
virus, and intrusion detection applications for use at the intelligent switches 24 in 
separate subscriber networks 52, 54 subscribing to the managed service or services. 

Please replace paragraph 25 on pages 9-10 with the following: 

[0025] Utilizing the systems described above, one embodiment of a method for 
managing content analysis and filtering from a remotely managed service provider 
network is shown in FIG. 5. A subscriber network signing up for one or more services 
from the managed service provider network 48 may initially receive an intelligent switch 
24 with its application buffer administration interface already containing preloaded 
content analysis applications. After the intelligent switch or intelligent switches have 
been installed at the subscriber network, the subscriber network administrator may then 
access the managed service provider network to request one or more managed 
services such as content filtering or anti-virus protection (at [[60]] 61). Upon receipt of 
the managed service request from the subscriber network, the one or more services 
from the one or more content ana l ysis policy management servers 50 within the 
managed service provider network [[42]] 48 will transmit a service activation code in a 
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transmission addressed to the intelligent switch of the subscriber network (at 62). The 
activation code may be transmitted in an encrypted signal, through a secure channel 
such as a VPN tunnel 56, 58 between the policy management server of the provider 
network and the intelligent switch of the subscriber network, or via any of a number of 
other known secure transmission mechanisms. 

Please replace paragraph 26 on page 10 with the following: 

[0026] In addition to activating the service generally at the subscriber's intelligent 
switch, the managed service provider network [[42]] 48 may remotely configure each 
port in the intelligent switch at the subscriber network (at 64). The configuration criteria 
may range from simply enabling or disabling the service for each particular intelligent 
switch, or it may include more detailed parameters to tailor the extent to which the 
service is enabled on a port-to-port basis. In one embodiment, the content analysis 
management server may be linked to a backend billing server 51 (see FIG. 4) in the 
service provider network. The billing server can keep track of charges for content 
analysis services subscribed to by the various subscriber networks. The billing server 
may include information on service start and stop times for each subscriber network, the 
number of ports at each intelligent switch, and how each switch is individually 
configured. In this way, a subscriber may be billed on a per port basis for the specific 
configuration of service set up on each individual port. 

Please replace paragraph 27 on pages 10-11 with the following: 

[0027] Following the initial set up and configuration of the services for each port in a 
subscriber network intelligent switch, the services may be reconfigured or updated at 
any time through transmission from the policy management server 50 to the intelligent 
switch 24 in the appropriate network. As long as the subscriber network maintains an 
active status with the managed service provider network, the managed service provider 
network 48 will provide web portal or other automated access for subscriber network 
administrators to change the configuration of ports and services in their network. The 
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managed service provider network will detect whether there is a reconfiguration request 
and, if so, automatically configure each port 26 at the intelligent switch according to the 
reconfiguration request (at 66, 68). In addition to responding at the managed service 
provider network to reconfiguration requests entered by system administrators for 
subscribing networks, the managed service provider network will automatically update 
service application software as service updates become available by transmitting these 
updates to the intelligent switch or intelligent switches in the various subscriber 
networks (at 60, 62 70, 72 ). The service update function may execute automatically or 
may provide updates for which the subscriber network system administrators may 
manually accept or reject. 

Please replace paragraph 28 on page 11 with the following: 

[0028] After the services subscribed to have been activated at the intelligent switch 
and the appropriate ports configured according to requests of the administrator of the 
subscriber network, scanning will take place at the intelligent switch or intelligent 
switches 24 according to the services activated at the port. The content analysis 
scanning will take place independently at each port, so information arriving at each port 
will be analyzed in substantially real-time. As illustrated in FIG. 6, each intelligent 
switch can receive unanalyzed data from an external source or data from within the 
local network. Typically, a router or other network device in a local area network will 
receive unanalyzed data from the external network and pass the unanalyzed data to the 
intelligent switch for processing. The intelligent switch in the subscribing network will 
analyze data on a port-by-port basis with at least one of the data analysis applications 
stored at the intelligent switch (at 64, 66 74, 76 ). The analyzed data will then be 
forwarded on from the port of the intelligent switch to the appropriate destination device 
in the subscriber network. 
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Please replace paragraph 30 on page 12 with the following: 

[0030] The intelligent switch will transmit performance data of the content analysis 
services for each port to the managed service provider network (at [[68]] 78). In one 
embodiment, this may be accomplished by configuring the intelligent switch to transmit 
performance data at regular intervals to the managed service provider network so that a 
subscriber network administrator may receive updated information as to performance 
when that administrator contacts the managed service provider through the web portal 
interface. Alternatively, upon receipt of a web portal inquiry from the subscriber network 
administrator, the managed service provider network can poll the appropriate intelligent 
switch for the latest data which would be cached at the intelligent switch. In yet another 
embodiment, each and every performance related action at each port of the intelligent 
switch may be transmitted in substantially real time to the managed service provider 
network. 
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